BACKGROUND OF THE INVENTION

Field of the Invention 

The present invention relates to the field of encryption. Specifically, the present 
invention relates to creating and executing secure, i.e., encrypted, scripts by a world wide web- 
enabled application. 

Description of the Related Art 

Present World Wide Web browsers, such as Internet Explorer, available from Microsoft 
Corporation, are limited by the constraints of the HyperText Mark-Up Language (HTML). Web 
content based on HTML comprises static, two dimensional text and graphics. A scripting 
language, such as JavaScript - a cross-platform, object-based scripting language for client and 
server applications developed by Netscape Communications, Inc., extends a Web browser's 
capabilities. A scripting language allows access to objects within the browser and supports 
execution of Web applications. A script, written in a scripting language, typically has access to 
browser objects in an HTML document or page, and is capable of modifying variables in the 
HTML document. Thus, the script extends the capabilities of HTML processing without 
requiring interaction with a HyperText Transfer Protocol (HTTP) server. The script typically is 
downloaded by the browser as part of an HTML page and is processed as the page is received, or 
when a browser event occurs, such as the click of a button on the HTML page. 

A script differs from an applet. Although an applet also is downloaded as part of a Web
page and run on a client system, the applet stands alone, that is, it is not part of the browser
application, just as an application program, such as a word processor application, is not part of
an operating system.

In addition to scripts and applets, controls enhance Web browsers. For example, ActiveX
controls are interactive objects in a Web page that provide interactive and user-controllable 
functions. ActiveX controls are part of a set of technologies available from Microsoft 
Corporation, based on a refinement of the well known COM standard, that is directed to enabling 
interactive content for Web pages. ActiveX currently is supported by the Microsoft Windows
operating system, but will be supported on other platforms, such as the Macintosh platform 
available from Apple Computer, and UNIX platforms. 

Without sufficient security mechanisms in place, it is possible to download a Web page 
that contains controls that launch an application that causes harm or unintended results, e.g., to 
the client system. Furthermore, if the controls are not secure, the provider of a Web site risks
attack by computer hackers, and is vulnerable to software bugs.

BRIEF SUMMARY OF THE INVENTION

The invention provides a method for creating a secure script. Executable commands in
the script are hashed, and the hashed values for the commands are encrypted and appended to the
script.

BRIEF DESCRIPTION OF THE DRAWINGS 
The present invention is illustrated by way of example and not limitation in the following 
figures. Like references indicate similar elements, in which:

Fig. 1 is a flow chart illustrating an embodiment of the invention. 
Fig. 2 is a flow chart illustrating an embodiment of the invention. 

DETAILED DESCRIPTION OF THE INVENTION

An embodiment of the present invention enables Web pages to execute software
applications on a client system, e.g., a personal computer (PC), in a secure manner using a signed 
control, and a signed and encrypted script. Embodiments of the invention may be represented as 
a software product received over, and/or stored on, a machine-readable medium (also referred to
as a computer-readable medium or a processor-readable medium). The machine-readable 
medium may be any type of magnetic, optical, or electrical storage medium including a diskette, 
CD-ROM, memory device (volatile or non-volatile), or similar storage mechanism. Moreover, 
the machine-readable medium may be accessed at a server by a client via a network connection
between the client and server, for example, in a client/server computing environment. The 
machine-readable medium may contain various sets of instructions, code sequences, 
configuration information, or other data. For example, the procedures described herein can be 
stored on the machine-readable medium. Those of ordinary skill in the art will appreciate that
other instructions and operations necessary to implement the described invention may also be
stored on the machine-readable medium.

In one embodiment of the invention, a script in a World Wide Web page ("Web page", 
"Web document", or "HyperText Markup Language (HTML) document") is hashed and 
encrypted. A control in the Web page, such as ActiveX, decrypts and hashes the script to verify 
the script has not been altered or tampered with, before executing or causing to execute the 
script. In this manner, one can serve to a client web pages that contain interactive content or that 
execute local applications in a secure fashion. The described embodiment involves a script that 
may be invoked by a Web browser application, or more particularly, by a control in a Web page 
downloaded by the Web browser application. However, it should be noted that any application
or software program can benefit from the present invention to protect against malicious
modification of, or hacking of, a script or the like.

With reference to Fig. 1, the process starts at 110 with hashing the commands in the
script. The script is written in a scripting language, such as JavaScript, and comprises executable 
commands to cause the client system upon which the script is executed to perform some 
function. The function may be defragmenting a hard disk drive accessible by the system upon 
which the script is executed, or providing interactive content in a Web page downloaded to a 
client system, e.g., an online tutorial or help. Insofar as an embodiment of the present
invention is concerned, the content of the script is less important than preventing
unauthorized control of the script or unauthorized alteration of the script content.

Any well known or proprietary hashing function may be utilized to compute a hashed 
value for each executable command in the script. Each executable command is provided at 105 
as the key value input to the hashing function, from which the hashing function computes a 
hashed value corresponding to the executable command. In one embodiment of the invention, 
each executable command may be hashed, while in other embodiments of the invention, some 
number of executable commands, e.g., one or more but less than all of the executable commands, 
may be hashed. In one embodiment of the invention, the hashing function utilizes public key A 
that is tied to the script, as described below, thus making it highly unlikely that the script was 
authored or edited by an unauthorized individual without access to the corresponding private 
key. 

At 120, each hashed value is encrypted using well known asymmetric, i.e., public, key 
cryptography techniques. For example, each hashed value is encrypted using private key A 106. 
This process is also referred to in cryptography as creating a public key digital signature. Public
key digital signatures provide a way to prove that the signed data was signed by one who had a 
copy of a particular private key, in this case, private key A. 

The signed hashed values for the executable commands are embedded or appended to the
script at 130. Alternatively, the hashed values may first be appended to the script and then
signed. A public key A corresponding to the private key A may be appended to the script as
well, or obtained from the public key authentication infrastructure, e.g., a certification authority.
(A public file known as a certificate is issued by the certification authority and contains an
entity's public key, identifying information, and a signature provided by the certification
authority). At 140, the script, including the signed hashed values and public key, if present, may
be encrypted using a symmetric key 107 to provide a second level of encryption. The encryption
is not necessary for protection of the script, but hides the public key, if included in the script.

In a Web-enabled application, the script, encrypted or not as the case may be, is
converted as appropriate for inclusion in a Web page. The public key A 108 corresponding to
the private key A 106 is provided to a control, i.e., an interactive object that provides interactive
and user-controllable functions, in the Web page. In one embodiment of the invention, the Web page
utilizes an ActiveX control from Microsoft Corporation. The control is also signed at 160, to hide
public key A provided therein at 150. The control is signed using a different private key, key B
provided at 109. The script is ready for the execution process upon activation of the control by,
e.g., a Java applet or a user clicking a button on the Web page.

The process of securely executing the script is now described with reference to Fig. 2. In 
one embodiment of the invention, a user running a Web browser application visits a Web site 
and downloads a Web page containing interactive content. The user activates a control in the
Web page, for example, by clicking on an applet. Recall from the above discussion that the
control is signed at 160 with a public key digital signature using private key B 109. Thus, at 210,
the signature is verified using public key B 205. Verification is accomplished by decrypting the
signed control with public key B. If any change has occurred to either the control or the
signature, it will be detected at 210. At 220, the script is decrypted with symmetric key 107.
(Symmetric key encryption requires only one key that is shared by the encryption process and 
decryption process). Of course, the decryption is necessary only if the script was 
correspondingly encrypted at 140. 

At 230, the executable commands in the script are hashed, using the same hashing
function utilized at 110. The hashed commands that were encrypted and appended to the script
at 120 and 130, respectively, are now decrypted at 240, using public key A, which was provided
to the control at 150. The decrypted hashed commands are compared at 250 with the commands
hashed at 230. If no changes in the script occurred between hashing and encrypting at 110 and
120, and hashing and decrypting at 230 and 240, the decrypted hashed commands obtained at
240 should be identical to the hashed commands obtained at 230, and the script may begin
execution at 260. If, on the other hand, the commands hashed at 230 are not the same as the
hashed commands decrypted at 240, the user is cautioned or warned, for example, by displaying
a message in a pop-up window or the like in a display screen for the client system. The user
may, according to one embodiment of the invention, select to proceed with execution of the
script. This is useful, for example, if a new version of the script is released, in which case
hashed values for the commands in the old version of the script will not match the hashed values
for the commands in the new version.

In one embodiment of the invention, the decrypted hashed commands are maintained so
that a comparison between hashed command values and decrypted hashed command values may
be performed before every execution of the script. Alternatively, a comparison is performed
between execution of each command, to ensure there is no dynamic modification of the script or
particular commands in the script. In each case, the user is warned as appropriate. In this
manner, verification of the source and integrity of a script in an application, such as may be in a
Web page, is accomplished.
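
The creation steps of Fig. 1 (110 to 130) and the check of Fig. 2 (230 to 250), as an added example that is not code from the patent: Node.js `crypto.sign` hashes each command with SHA-256 and signs the hash with private key A, and `crypto.verify` re-hashes the command and checks it with public key A. It goes slightly beyond the text by binding each command's position and the command count into the signed bytes. The one-command-per-line split, the `//sig:` trailer format, the sample script and the throwaway RSA key pair are assumptions made for the example.

```javascript
const crypto = require('node:crypto');

const SIG_PREFIX = '//sig:'; // hypothetical trailer marker, not from the patent

// Assumption: one executable command per non-empty line.
function splitScript(text) {
  const commands = [], sigs = [];
  for (const line of text.split('\n')) {
    if (line.startsWith(SIG_PREFIX)) sigs.push(line.slice(SIG_PREFIX.length));
    else if (line.trim() !== '') commands.push(line);
  }
  return { commands, sigs };
}

// Bytes that get hashed and signed for command i of n. Including i and n is
// an addition here so that moved or dropped commands fail verification.
function signedBytes(cmd, i, n) {
  return Buffer.from(`${i}/${n}:${cmd}`, 'utf8');
}

// Steps 110-130: hash each command, sign the hash with private key A,
// append the signatures to the script.
function signScript(text, privateKeyA) {
  const { commands } = splitScript(text);
  const n = commands.length;
  const trailer = commands.map((cmd, i) => SIG_PREFIX +
    crypto.sign('sha256', signedBytes(cmd, i, n), privateKeyA).toString('base64'));
  return commands.concat(trailer).join('\n');
}

// Steps 230-250: re-hash each command and check it against the signed hash
// using public key A. Returns the indexes of commands that fail; -1 marks a
// command/signature count mismatch (including an unsigned script).
function verifyScript(text, publicKeyA) {
  const { commands, sigs } = splitScript(text);
  if (commands.length === 0 || commands.length !== sigs.length) return [-1];
  const bad = [];
  commands.forEach((cmd, i) => {
    const ok = crypto.verify('sha256', signedBytes(cmd, i, commands.length),
      publicKeyA, Buffer.from(sigs[i], 'base64'));
    if (!ok) bad.push(i);
  });
  return bad;
}

// Constructed sample: throwaway key pair A and a three-command script.
const keyA = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const SAMPLE = 'var drive = "C:";\nanalyze(drive);\ndefragment(drive);';
const SIGNED = signScript(SAMPLE, keyA.privateKey);
```

An empty result from `verifyScript` corresponds to proceeding to execution at 260; a non-empty result is the mismatch case in which the description has the control warn the user.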